Question

我正在尝试使用Google的日历API制作应用。我正按照here的指示行事。我可以请求获取授权代码，但我似乎无法形成获取访问令牌的有效请求。我一直收到回复{"error" : "invalid_request"}。这是我正在发布的POST请求：

POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded

code=4/vxQqw9JMYEnXvI8A_93OV7kBSg6h.8r2yJUkMc18dshQV0ieZDAraZNwsbwI&
client_id=[my client id]&
client_secret=[my client secret]&
redirect_uri=http://localhost:8080/auth&
grant_type=authorization_code

以下是通过curl调用url的输出。我的实际应用程序是用Node.js编写的，但是我通过应用程序获得了与curl相同的响应。我四处搜寻并看到有类似问题的人，但仍然无法弄清楚我做错了什么。

curl -v -k --header "Content-Type: application/x-www-form-urlencoded" --data-urlencode "code=4/vxQqw9JMYEnXvI8A_93OV7kBSg6h.8r2yJUkMc18dshQV0ieZDAraZNwsbwI&client_id=[my client id]&client_secret=[my client secret]&redirect_uri=http://localhost:8080/auth&grant_type=authorization_code" https://accounts.google.com/o/oauth2/token
* About to connect() to accounts.google.com port 443 (#0)
*   Trying 173.194.74.84... connected
* Connected to accounts.google.com (173.194.74.84) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using RC4-SHA
* Server certificate:
*    subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=accounts.google.com
*    start date: 2011-07-21 00:00:00 GMT
*    expire date: 2013-07-18 23:59:59 GMT
*    common name: accounts.google.com (matched)
*    issuer: C=ZA; O=Thawte Consulting (Pty) Ltd.; CN=Thawte SGC CA
*    SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> POST /o/oauth2/token HTTP/1.1
> User-Agent: curl/7.21.3 (i386-apple-darwin8.11.1) libcurl/7.21.3 OpenSSL/0.9.7l zlib/1.2.5 libidn/1.17
> Host: accounts.google.com
> Accept: */*
> Content-Type: application/x-www-form-urlencoded
> Content-Length: 180
> 
< HTTP/1.1 400 Bad Request
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: Fri, 01 Jan 1990 00:00:00 GMT
< Date: Tue, 29 May 2012 12:43:49 GMT
< Content-Type: application/json
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
< Server: GSE
< Transfer-Encoding: chunked
< 
{
  "error" : "invalid_request"
* Connection #0 to host accounts.google.com left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
}

Answer 1

请求正文应该是这样的单行：

code=4/vxQqw9JMYEnXvI8A_93OV7kBSg6h.8r2yJUkMc18dshQV0ieZDAraZNwsbwI&client_id=[my client id]&
client_secret=[my client secret]&redirect_uri=http://localhost:8080/auth&grant_type=authorization_code

Answer 2

您没有对您的帖子请求进行网址编码。

我可以告诉你

 redirect_uri=http://localhost:8080/auth

没有冒号和斜线的％99。我和wget有同样的问题。我以为它会为我编码URL，但它不会。此外，在自定义POST中，您不能在＆符号和下一个表单发布值之间添加换行符。它必须全部在一条线上。这也是我与wget的问题。

Google API - 来自Oauth2的令牌请求返回“invalid_request”

2 个答案: